package fr.mywiki.business.login;

import javax.servlet.http.HttpSession;

import fr.mywiki.business.account.AccountLite;
import fr.mywiki.business.account.AccountManager;
import fr.mywiki.business.utils.MD5;


/**
 * Contains methods to manage the login (login, logout, logged account,...).
 * 
 * @author tlombard
 */
public class LoginManager {
	/** No login has been entered */
	public static final String NULL_LOGIN = "login.login.null";
	/** No password has been entered */
	public static final String NULL_PASSWORD = "login.password.null";
	/** The user having the specified login could not be found */
	public static final String USER_NOT_FOUND = "login.user.notFound";
	/** The user having the specified login could not be found */
	public static final String UNCORRECT_PASSWORD = "login.password.uncorrect";
	/** The login and the password are correct, the user is connected */
	public static final String CONNECTION_OK = "connection_ok";

	/** The logged user is stored into the session under this attribute key. */
	protected static final String LOGGED_ACCOUNT = "logged_account";

	private LoginManager() {}

	/**
	 * Tries to log the user defined by its login and password to the system. Eventually returns the
	 * kind of error met.
	 * 
	 * @param login a <code>String</code> object being the login entered by the user.
	 * @param password a <code>String</code> object being the password entered by the user.
	 * @param session a <code>HttpSession</code> object being the current session.
	 */
	public static String login(String login, String password, HttpSession session) {
		/* Find the user whose login is the one given in parameter */
		if (login == null || new String().equals(login))
			return NULL_LOGIN;
		if (password == null || new String().equals(password))
			return NULL_PASSWORD;
		
		AccountLite user = AccountManager.findAccount(login);
		if(user==null)
			return USER_NOT_FOUND;
		
		String userPwd = user.getPassword();

		if (!MD5.asHex(password.getBytes()).equals(userPwd))
			return UNCORRECT_PASSWORD;

		initSession(session, user);

		return CONNECTION_OK;
	}
	
	/**
	 * Intializes the session for the account given in parameter. The logged
	 * account is set and the spaces are initailized.
	 * 
	 * @param session the current session 
	 * @param account the account to log with.
	 */
	public static void initSession(HttpSession session, AccountLite account) {
		session.setAttribute(LOGGED_ACCOUNT, account);
		initSpaces(session);
	}

	/**
	 * Logs out any user connected to this session.
	 * 
	 * @param session a <code>HttpSession</code> object being the current session.
	 */
	public static void logout(HttpSession session) {
		session.removeAttribute(LOGGED_ACCOUNT);
		session.invalidate();
	}

	/**
	 * Returns the user logged in this session.
	 * 
	 * @param session a <code>HttpSession</code> object representing the current session.
	 * @return a <code>AccountLite</code> object representing the current user or <code>null</code>.
	 */
	public static AccountLite getLoggedUser(HttpSession session) {
		return (AccountLite) session.getAttribute(LOGGED_ACCOUNT);
	}

	/**
	 * Returns true if there is a user logged for this session.
	 * 
	 * @param session a <code>HttpSession</code>
	 * @return <code>true</code> iif there is a user logged to the session.
	 */
	public static boolean hasLoggedUser(HttpSession session) {
		return getLoggedUser(session) != null;
	}

	/**
	 * When the session is launched, the application has to load this user's spaces.
	 * 
	 * @param session the current session
	 */
	private static void initSpaces(HttpSession session) {
		
	}
}
